<!-- Sofija Puric 6/08 -->    
<?php
require 'db.php';
$con=dbConnect("sib");
$hid = $_GET["hid"];
$uid = $_GET["uid"];

$text = $_POST["text"];
$score_security = $_POST["security"];
$score_location = $_POST["location"];
$score_service = $_POST["service"];
$score_fun = $_POST["fun"];
$score_cleanliness = $_POST["cleanliness"];
$score_price = $_POST["price"];
$score_recommend = $_POST["score_recommend"];

switch($score_recommend) {
    case 1: $recommend = 1; break;
    case 2: $recommend = 0; break;
}


function check_all($t, $s1, $s2, $s3, $s4, $s5, $s6) {
    if (($t == "") || ($s1 == 0) || ($s2 == 0) || ($s3 == 0) || ($s4 == 0) || ($s5 == 0) || ($s6 == 0))
        return false;
    else return true;
}

if (!check_all($text, $score_security, $score_location, $score_service, $score_fun, $score_cleanliness, $score_price))
        header('Location: ../hostels.php?err=7');

$timest = mktime(date("H") + 2, date("i"), date("s"), date("m"), date("d"), date("Y"));
$today = date("Y-m-d H:i:s", $timest);


if (check_all($text, $score_security, $score_location, $score_service, $score_fun, $score_cleanliness, $score_price)) {
$sql="INSERT INTO feedback (DateTime, Text, Security, Location, Service, Fun, Cleanliness,
                            Price, Recommend, IDHostel, IDUser)
      VALUES ('$today', '$text', '$score_security', '$score_location', '$score_service',
              '$score_fun', '$score_cleanliness', '$score_price', '$recommend', '$hid', '$uid')";

if (!mysql_query($sql, $con)) {
     die('Error: ' . mysql_error());
}
else
     header('Location: ../hostel.php?hid='.$hid.'');

}

mysql_close($con);

?>
